Head Security Ops & Governance

Title: Head Security Ops & Governance (Level: Sr. Manager/ Associate Director)
Location: Gurgaon, India
Type: Hybrid

Job Description

Company Overview

Fareportal is a travel technology company powering a next-generation travel concierge service. Utilizing its innovative technology and company owned and operated global contact centers, Fareportal has built strong industry partnerships providing customers access to over 600 airlines, a million lodgings, and hundreds of car rental companies around the globe. With a portfolio of consumer travel brands including CheapOair and OneTravel, Fareportal enables consumers to book-online, on mobile apps for iOS and Android, by phone, or live chat. Fareportal provides its airline partners with access to a broad customer base that books high-yielding international travel and add-on ancillaries.
Fareportal is one of the leading sellers of airline tickets in the United States. We are a progressive company that leverages technology and expertise to deliver optimal solutions for our suppliers, customers, and partners.

• Fareportal is the number 1 privately held online travel company in flight volume.
• Fareportal partners with over 600 airlines, 1 million lodgings, and hundreds of car rental companies worldwide.
• 2019 annual sales exceeded $5 billion.
• Fareportal sees over 150 million unique visitors annually to our desktop and mobile sites.

Fareportal, with its global workforce of over 2,600 employees, is strategically positioned with 9 offices in 6 countries and headquartered in New York City.

Role Overview
We are seeking a highly skilled and experienced Head Security Operations & GRC to join our dynamic team. The candidate will be responsible for designing, managing, and enhancing our cyber defense strategy, with a focus on tooling and architecture.

Key Responsibilities
Security Operations Management:
• Lead and manage the security operations team, providing guidance, mentorship, and support to ensure team’s success
• Develop and execute strategies to enhance the organisation’s security posture and mitigate security risks
• Develop and maintain incident response plans and procedures to effectively detect, analyse, and respond to security incidents
• Help team in managing incident response including detection, analysis, containment, and resolution of security incidents
• Establish metrics and KPIs to measure the effectiveness of security operations and identify areas for improvement
• Implement proactive measures to enhance security controls, processes, and procedures based on industry best practices and emerging threats
• Collaborate with cross functional teams to align security initiatives with business objectives and priorities
• Communicate security risks, incidents, and mitigation strategies to senior management and key stakeholders in concise manner

Governance, Risk, Compliance (GRC) and Investigations:
• Maintain a comprehensive GRC framework aligned with industry standards, regulatory requirements, and organisational objectives
• Provide strategic direction and oversight for all aspects of governance, risk management and compliance activities in Fareportal
• Develop and implement policies and procedures to promote a culture of compliance across Fareportal
• Ensure that policies are effectively communicated, understood, and enforced
• Conduct risk assessments to identify and prioritise risks across Fareportal. Develop and implement risk mitigation strategies and controls to minimise exposure to potential threats and vulnerabilities
• Conduct internal audits and assessments to evaluate the effectiveness of security controls. Collaborate to address findings and remediate any identified deficiencies
• Manage external audits and compliance for certifications including ISO 27001 and PCIDSS
• Develop and deliver training programs and materials to educate employees on GRC policies, procedures, emerging threats and best practices
• Promote awareness of compliance requirements through regular communication and training initiatives
• Develop and execute comprehensive data monitoring strategy and tool to detect anomalies, unusual patterns, suspicious activities,
• Protect sensitive data and mitigate the risk of data loss or leakage
• Lead efforts to implement fraud prevention measures, controls, and procedures to mitigate fraud risks and protect company assets
• Oversee employee investigations ensuring compliance with legal and regulatory requirements. Collaborate with Legal, HR teams to address fraud and employee investigation matters
• Evaluate security posture of vendors and third-party partners through due diligence assessments and establish a process for ongoing monitoring
• Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

Required Skills:
• CISSP, CISM or equivalent certifications preferred
• Proven experience in managing security operations, GRC and risk management roles with atleast 10 years of relevant experience
• Strong knowledge on
• applicable information security management, governance, and compliance principles, standards, practices, laws, rules and regulations (ISO 27001, PCI DSS, NIST, GDPR, CCPA, IT Act, etc)
• cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration;
• Information systems auditing, monitoring, controlling, and assessment process;
• Risk assessment and management methodology.
• Detail-oriented, ability to consistently provide high-quality products that are concise, thorough and accurate;
• Strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Excellent leadership, communication, and interpersonal skills with the ability to effectively engage and influence stakeholders at all levels of the organisation

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fareportal reserves the right to change the job duties, responsibilities, expectations or requirements posted here at any time at the Company’s sole discretion, with or without notice.

Job Category: IT
Job Type: Full Time
Job Location: Gurgaon

Apply for this position

Allowed Type(s): .pdf, .doc, .docx
Copyright © 2002 - 2024 Fareportal. All rights are reserved.